Esempi in PHP per bh_checkmodulepermission

Esempio n. 1

File: main.inc.php Progetto: hky/bytehoard

 function getmodulesmenu($menu)
 {
     global $bhcurrent, $bherrors;
     $modulesarray = bh_listmodulesmenu($menu);
     foreach ($modulesarray as $module => $modrow) {
         if (bh_checkmodulepermission($module, $bhcurrent['userobj']->type) == 1) {
             $menumods[] = array("module" => $module, "icon" => $this->getmoduleicon($module), "title" => bh_moduletitle($module));
         }
     }
     return $menumods;
 }

Esempio n. 2

File: modules.inc.php Progetto: hky/bytehoard

function bh_listmodulesdirectory($filepath)
{
    global $bhcurrent, $bhsession;
    # Get lists of modules it's allowed
    $modrows = select_bhdb("modulesdirectory", array("status" => "1"), "");
    $userobj = new bhuser($bhsession['username']);
    # Go through and select those the user is allowed to access
    foreach ($modrows as $modrow) {
        if (bh_checkmodulepermission($modrow['module'], $userobj->type) == 1) {
            if (bh_checkmodulefilepath($modrow['module'], $filepath, $bhsession['username']) == 1) {
                # Special provision for the deletefolder module
                if (!($modrow['module'] == "deletefolder" && ($filepath == "/" || $filepath == "" || $filepath == $userobj->homedir))) {
                    $allowedmods[$modrow['module']] = $modrow;
                }
            }
        }
    }
    return $allowedmods;
}

Esempio n. 3

File: index.php Progetto: hky/bytehoard

$bhcurrent['userobj'] = new bhuser($bhsession['username']);
# OK, all loaded, check the page they requested.
$page = $_GET['page'];
if (empty($page)) {
    $page = $_POST['page'];
}
if (empty($page)) {
    $page = "main";
}
if (!file_exists("modules/" . $page . ".inc.php")) {
    bh_log($bhlang['error:page_not_exist'], "BH_NOPAGE");
    $page = "error";
}
### OK, now do security checks.
# Usertype check
if (bh_checkmodulepermission($page, $bhcurrent['userobj']->type) == 0) {
    bh_log($bhlang['error:access_denied'], "BH_ACCESS_DENIED");
    bh_log($bhlang['error:access_denied'], "BH_ERROR");
    $page = "error";
}
# fileperm check (if needed)
if (!empty($_GET['filepath'])) {
    if (bh_checkmodulefilepath($page, $_GET['filepath'], $bhcurrent['userobj']->username) == 0) {
        bh_log($bhlang['error:access_denied'], "BH_ACCESS_DENIED");
        bh_log($bhlang['error:access_denied'], "BH_ERROR");
        $page = "error";
    }
}
# Pass control to the requested page
require "modules/" . $page . ".inc.php";
# The End.